Featured Article

Find a Translator or Interpreter
Search for:

Featured Article from The ATA Chronicle (February 2012)


The Importance of Linguistic Discretion in the Age of Facebook
By John Watkins

The boundaries of personal privacy are eroding in today’s online world, both through active and passive changes. For many of us, online privacy was not on our radar a few years ago. The explosion of social media online has changed that. Now we readily have access to sites that release personal information—from the 140 characters on Twitter to unfettered content on Facebook. Our perception of what is personal and what is appropriate to share online has changed as a result of our easy access to social media. Even online shopping is integrated with social media. How many of us have provided our addresses, phone numbers, mother’s maiden name, credit card numbers, birth dates, and other personal information doing everything from shopping on Amazon to ordering coupons through Facebook?

Privacy for Language Services Providers
While companies are delighted to exploit the personal data they mine from our online presence to market their wares and services more efficiently, they guard their own proprietary information fiercely to compete better in the marketplace.

Just a little thought clarifies that we, as language services providers, are privy to a wide variety of corporate secrets in our day-to-day work. For example:

Target Markets: When a medical device manufacturer is releasing a new blood scanner in 12 markets, we are translating their content for each of those markets and have direct knowledge of which markets are being targeted.

Product Functionality: We are among the first to know about new functionality in products, seeing it before it is released (often before the U.S. release as well).

Target Release Dates: Our work is always under time pressure, because our customers’ marketing departments have set confidential release dates for their products that they strive to meet (and pass that requirement on to us).

Proprietary Methodologies: Sometimes our customers have developed proprietary processes for product development, and we may be privy to those processes through the content we translate.

Legal issues: Many of us provide legal translations of customer contracts, employment agreements, patents, property leases, litigation settlements, and other highly confidential information.

Understanding Nondisclosure Agreements
Let us use a concrete example to understand where the multilateral and unilateral NDAs come into play. Suppose OmniTex Ltd. develops the revolutionary CleanDome Digital Chlorine Monitor and Dispenser.1 This is the first such device on the market and they are excited to launch it in the U.S. and five other international markets: Mexico, Brazil, Spain, Italy, and France (the pool-loving countries). They need to localize content that corresponds to distribution agreements with the five target markets. This material includes a user guide, a quick start guide, a software user interface, and a reporting tool that monitors and reports on chlorine levels and chemical utilization. OmniTex comes to ENLASO, a multi-language services provider, for localization of their content into the five markets. ENLASO and OmniTex sign a bilateral NDA that protects

OmniTex’s confidential information and, at the same time, ENLASO’s proprietary service methodology and pricing. To perform the services for OmniTex, ENLASO has to provide content to subcontracting linguists working on the OmniTex project. ENLASO has a unilateral NDA with each of the linguists that ensures that both OmniTex’s and ENLASO’s confidential information is protected by each linguist.

Fortunately, NDAs are pretty consistent despite obvious wording differences. They cover the same content, more or less, in their efforts to protect confidential data. An NDA typically achieves this by defining the following items:

• The parties, defined with the legal names and corresponding addresses. Legal entities may be companies, organizations, individuals, or other defined entities.

• The nature of the confidential information (for one or both parties). Typically, this includes proprietary business processes, methodologies, functionality, pricing, scheduling, content, and any other identified trade secrets. Confidential information does not include situations where the recipient has prior knowledge of the material, the recipient learns of the confidential information from another source, or the materials are available to the public.

• The purpose(s) for the disclosure of the confidential information. In the language services industry, this is typically for the provision of translation, localization, and/or interpreting services (and other related services, such as internationalization).

• The term of the agreement, typically in years. This defines the period during which confidential information may be distributed.

• The term that information is to remain confidential, typically in years. This defines the period that the recipient of confidential information must keep the information confidential (and is usually longer than the term of the agreement).

• The obligations of the recipient of the confidential information. These may include using the material only for the defined purposes, disclosing the confidential information only to those other parties with a need to know (who are bound by a similar NDA between the recipient and the third parties), and to use reasonable efforts to keep the information secure. Pay careful attention to this section if you are the service provider. Often this restricts distribution to any third parties. If this is so, you would need to modify the agreement if you need to transmit the information to your own third-party subcontractors to perform the services.

• The provisions for permissible disclosure. These typically involve disclosure by law or court order.

• The permission to obtain ex-parte injunctive relief. This means that, if the receiver inappropriately discloses confidential information as defined by the agreement, the owner of the confidential information may obtain an equitable remedy in the form of a court order that requires the receiver to refrain from disclosing the information. Failure to do so would leave the receiver who discloses confidential information open to possible criminal or civil penalties.

Note that the translations you provide under contract to your customers are usually defined as the intellectual property of the customer and thereby protected by the NDA as well.

Risks to Disclosure
We hear frequently, especially in current news, about the intentional release of confidential information. Take, for example, the intentional hack into the Sony servers, putting at risk confidential user data from PlayStation customers.2 We are not hackers and we do not intend to release our customers’ confidential information; however, it is too easy to release confidential information accidentally if we are not paying attention. Some of the processes we use in the language services industry provide opportunities for such accidental transmission of confidential information. While I cannot provide legal advice, I can give you pointers of good practices that help avoid security breaches.

Data Transmission: You’ve Got Mail
The one tool used by all of us, every day, is e-mail. E-mail provides an easy vehicle for releasing confidential data accidentally.

Confidential business information (as opposed to personally identifiable information) may be transmitted by regular e-mail if it is permitted under the terms of the NDA. A good way of knowing this is if the customer sends it to you via regular e-mail.

Remember to check your recipient list to ensure only those who should receive the e-mail do in fact receive it.
If required by your customer, using a secure FTP site provides the easiest way to transfer information securely. However, under no circumstances should you receive files from a secure FTP server and then distribute them outside your computing network with regular e-mail. Doing so downgrades the security used and may put you at risk for disclosing confidential information inadvertently.

If your work requires you to handle personally identifiable information (say, translating employee employment application forms or medical claim forms), you need to take special precautions. Personally identifiable data include names, birth dates, birthplaces, social security numbers, or other national ID numbers, driver’s license numbers, credit card numbers, and Internet protocol (IP) addresses. Never use regular e-mail to transmit personally identifiable information. Any breach of security with these data requires exceptional efforts to mitigate the release. Personally identifiable information should only be transmitted via secure channels, such as encrypted e-mail, encrypted attachments, or a fully secured FTP. Better yet, work with the owner of the data to “redact” or “strip out” the personally identifiable information before the data are sent to you and the translation process begins.

Translation Memories
Translation memories have revolutionized the language services industry, reducing the cost of repetitions and 100% match translations while shortening translation times and improving the consistency of the translation. Having more segments in the translation memory provides more opportunities for matches, reducing the translation timeline and costs. Therefore, the bigger the translation memory, the better.

If you have an NDA with a customer and you use a translation memory tool, the resulting translation memory is the confidential information of that customer. Say, for example, you have two customers who make blood glucose testing devices. It might be really tempting to use your translation memory from Customer A on the work for Customer B, but doing so would violate the NDA that you signed with Customer A. You should segregate your translation memories by customer to ensure compliance with signed NDAs.

Machine Translation
Anecdotally, using machine translation tools to facilitate human translation is gaining in popularity, but there are not many linguists who admit to it publicly. Unfortunately, as with sharing translation memories, submitting content to online machine translation tools poses a risk to protecting your customers’ confidential information. Depending upon the tools you use, the settings you select, and the specific license agreement, you may see terms of the machine translation agreement like the one from Google Translate: “(by) submitting or creating your content through the Service, you grant permission to use your content to improve or make available [the machine translation services]….”3 While the machine translation provider may not exploit the translated segments for anything other than improving the machine translation, the confidential content found in your segments may in fact be propagated into other products that then reuse the translated segment, thereby breaking confidentiality. The content is not yours, so you cannot grant the right to anybody else to do something with that content.
As a result of the ambiguity regarding the release of confidential information while using machine translation, you should obtain permission in writing from your customer before submitting their content to an online machine translation service.

Today, we find customers who are looking for ways to reduce costs, and, with appropriate education from you, they are often willing to “take the risk” of releasing segments to an online machine translation service to reap the corresponding benefits.

Next Steps
Review the NDAs you have signed, taking the time to ensure your workflow processes include the steps necessary to protect your customers’ confidential information. With just a little planning and thoughtful execution, you can adhere to the requirements of each NDA while providing great service to your customers. You can, indeed, rest a bit easier knowing you have done what you can to protect the confidential information.

1. This is a fictional company and product. Any resemblance to a real company or product is coincidental.

2. Stevens, Tim. “Sony Provides PSN Update, Confirms a ‘Compromise of Personal Information’ (Updated).” endgadget (April 26, 2011),

3. See Google Translator Toolkit Additional Terms,

John Watkins has an extensive background in product engineering and localization, having worked in international business for over 18 years. During his career, he has been involved in software product development, human resource policies and procedures, and business process engineering. He spent 10 years in Europe working at an international government agency to make the skies safer for air travel in 22 languages. He has an M.Sc. from the University of Cincinnati. Contact: